Main navigation

Clone Domain Controller in Windows Server 2012 HYPER-V

Windows Server 2012 HYPER-V has a great feature that to be honest until few months ago i didn't know it. The feature is the Domain Controller Clone. As IT Pro you must know that to restore a Domain Controller it's not so simple. It's not only a Restore from a Backup. You must have prepare a plan with specific tests to Restore successful a failed Domain Controller.

With a simple words everything else as restore , copy , snapshot except rebuilding from scratch it has the potential to create more problems in the directory.

To be honest i don't have say with lot of details because i don't have use it so many times to monitoring behaviors and results. But of course i have to say lot of things how can start to clone.

Requirements

Before start to Clone the Domain Controller must meet the following requirements to take advantage:

Hypervisor must support VM-GenerationID. It's a new feature on Windows Server 2012 HYPER-V.

The source server must run Windows Server 2012.

The PDC Remulator Role must be online and available to the cloned DC and mus be running Windows Server 2012.

Unsupported Application and Service for Clone

Here you can find all the unsupported Applications from Microsoft that you should remove it if decide to Clone the DC

Dynamic Host Configuration Protocol (DHCP)

Active Directory Certificate Services (AD CS)

Active Directory Lightweight Directory Services (AD LDS)

If you have install any 3rd application in the Domain Controller then you must verify with the vendor of the Application if support Cloning.

Prepare the Source Domain Controller for Cloning

If you meet all the Requirements that you can start to Clone Domain Controller.

Let's explain the scenario.

In my Lab i have one Domain Controller and i plan to build 2 more Domain Controllers.

The source Domain Controller is the DC1

The Clone Domain Controllers will be DC2 and DC3.

First Step before start is to add the Source Domain Controller in the Clonable Domain Controllers Group. It's a new group in Windows Server 2012 DC.

Open Server Manager.

Click in Tools and select Active Directory Administrative Center

​

Find the Clonable Domain Controllers Group in the Users Container and add the Source Domain Controller which is the DC1.

The specific Group has some permissions set on the domain head that should not be removed. If try to remove these permissions then it's sure that the cloning will be fail.

Create DCCloneConfig.xml

It's time to use Powershell to create the DCClobeConfig.xml. This xml file contains all the settings that you want to give in cloned DC as ip address,gateway , domain name and more and will be used when cloned DC will boot for the first time.

This file is one of the big difference between cloneable DC and DC that is being restored.

Verify that the PDC is available and running Windows Server 2012 and later

Verify if the source Domain Controller is member of Clonable Domain Controllers Group

Check if any application or service are detected which is not support cloning like DHCP Server.

In the specific scenario i don't have any Warning for the Application List but i will proceed with the next step which describe how can use the ExcludeApplicationList to identify any application or service that installed in the Domain Controller which not support cloning and must be remove it.

Create ADDCCloningExcludeApplicationList

After Creation of the file DCCloneConfig.xml type the following command to identify if you have any unsupported application or service to clone.

Get-ADDCCloningExcludedApplicationList

If appear any line with a program or service then must be uninstall before proceed with the cloning.

In my scenario i don't have any unspported application or service.

So i will proceed with the following step.

Export-Import Source Domain Controller

The last step is to export the source domain controller and import as new VM in the same HYPER-V host or another one.

First shutdown the source domain controller and find the detail instruction how can Export and Import VM from HYPER-V.

Be careful that when import the VM must use only the Copy the virtual machine (create a new unique ID)

Askme4Tech is my Blog to the IT Community. From this site i share tips, news and in depth tutorials for IT Professionals working with Microsoft products.

My goal is to create a share Knowledge base for IT Professionals and Power Users that works with Microsoft Products and to provide valuable help in daily technical problems and keep up to date with news from IT industry.